Joel Rosenblatt reports: A former Tesla Inc. software engineer was ordered to appear before a judge to face allegations that three days into his job, he started stealing confidential files and transferring them to a personal storage account. During his two-week employment ending Jan. 6, Alex Khatilov stole more than 6,000 scripts, or files of code, that…
SonicWall says it was hacked using zero-days in its own products
Catalin Cimpanu reports: Networking device maker SonicWall said on Friday night that it is investigating a security breach of its internal network after detecting what it described as a “coordinated attack.” In a short statement posted on its knowledgebase portal, the company said that “highly sophisticated threat actors” targeted its internal systems by “exploiting probable zero-day vulnerabilities…
Security firm Malwarebytes was infected by same hackers who hit SolarWinds
Dan Goodin reports: Security firm Malwarebytes said it was breached by the same nation-state-sponsored hackers who compromised a dozen or more US government agencies and private companies. The attackers are best known for first hacking into Austin, Texas-based SolarWinds, compromising its software-distribution system and using it to infect the networks of customers who used SolarWinds’…
Kirill Victorovich Firsov, Admin of DEER.IO, Pleads Guilty
January 21 — SAN DIEGO – Kirill Victorovich Firsov, a Russian citizen, pleaded guilty in federal court today to a cybercrime, admitting that he was the administrator of a website that catered to cyber criminals by virtually selling items such as stolen credit card information, other personal information and services to be used for criminal…
HIPAA Enforcement by State Attorneys General
HIPAA Journal has a nice recap of of HIPAA enforcement actions by states attorney general. You can read it here.
Association of Corporate Counsel Launches Data Steward Program: An Approach to Assessing Law Firm Data Security
Joseph Lazzarotti and Maya Atrakchi of JacksonLewis write On December 8th, the Association of Corporate Counsel (ACC), which represents over 45,000 in-house counsel across 85 countries, announced the launch of its Data Steward Program (DSP) to help organizations and their law firms assess and share information about information security relating to client data. The DSP is two years…